blob: 56ba2a62635f1f52d3c883f83bdde7dfb3f95a20 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
{
config,
guzzle_api,
modulesPath,
pkgs,
...
}: {
imports = [
(modulesPath + "/virtualisation/digital-ocean-image.nix")
];
_module.args.nixinate = {
host = "167.99.145.73";
sshUser = "root";
buildOn = "remote";
substituteOnTarget = true;
hermetic = false;
};
networking.hostName = "p-body";
services = {
#caddy = {
# enable = true;
# email = "[email protected]";
# logFormat = ''
# output stdout
# format json
# '';
# extraConfig = ''
# (strip-www) {
# redir https://{args.0}{uri}
# }
# (common_domain) {
# encode gzip
# handle {
# try_files {path} {path}/
# }
# handle_errors {
# @404 {
# expression {http.error.status_code} == 404
# }
# rewrite @404 /404.html
# file_server
# }
# }
# (no_embeds) {
# header /{args.0} X-Frame-Options DENY
# }
# (container_proxy) {
# handle_path /{args.0}/* {
# reverse_proxy {args.1}
# }
# }
# '';
# globalConfig = ''
# auto_https off
# '';
# virtualHosts = {
# guzzle = rec {
# hostName = "167.99.145.73";
# serverAliases = [
# "www.${hostName}"
# ];
# extraConfig = ''
# root * /var/www
# import common_domain
# file_server
# import container_proxy api :8000
# '';
# listenAddresses = [
# "127.0.0.1"
# "::1"
# ];
# };
# };
#};
guzzle-api = {
enable = true;
url = "http://167.99.145.73";
port = "80";
package = guzzle_api.packages.x86_64-linux.guzzle-api-server;
};
};
swapDevices = [
{
device = "/swapfile";
}
];
system.stateVersion = "22.11";
users.users = let
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOeEbjzzzwf9Qyl0JorokhraNYG4M2hovyAAaA6jPpM7 seth@glados"
];
in {
root = {inherit openssh;};
p-body = {
extraGroups = ["wheel"];
isNormalUser = true;
shell = pkgs.bash;
passwordFile = config.age.secrets.userPassword.path;
inherit openssh;
};
};
zramSwap.enable = true;
}
|
